HEADS-UP: Library version number bumps (revised)

Kris Kennaway kris at obsecurity.org
Wed Sep 29 11:06:42 PDT 2004


On Wed, Sep 29, 2004 at 10:27:21AM -0700, Kris Kennaway wrote:

> > ** If the script is blameless, then there's a change in the way the
> > ** linker builds shared libraries (the point I was trying to establish).
> 
> OK, I think my script is confused because objdump thinks the symbols
> moved from .data to .bss.  I'll take a closer look (and switch it over
> to use readelf instead).

(As peter keeps telling me) readelf does a much better job, and also
finds some things that objdump missed.

Summary: ncurses is probably OK since the only removed symbols are the
_nc_* private interface.  Thanks for the sanity check.

The libraries

  libhistory
  libopie
  libpcap
  libreadline  

must be bumped as previously discussed.  I'm not sure about libm since
the remaining problems seem to have been fixed already.  The others
would be problems and should be bumped if anything can be shown to use
the symbols listed, but at least nothing in the 4.x package
collections uses them so we can probably get away without it.

The new full list of differences is:

==> Comparing symbols in libalias.so.4
2) packetAliasMode removed with no replacement
2) skinnyPort removed with no replacement
==> Comparing symbols in libcam.so.2
2) scsi_interpret_sense removed with no replacement
2) scsi_sense_key_text removed with no replacement
==> Comparing symbols in libcrypt.so.2
2) Blowfish_decipher removed with no replacement
2) Blowfish_encipher removed with no replacement
2) bcrypt_gensalt removed with no replacement
2) blf_cbc_decrypt removed with no replacement
2) blf_cbc_encrypt removed with no replacement
2) blf_dec removed with no replacement
2) blf_ecb_decrypt removed with no replacement
2) blf_ecb_encrypt removed with no replacement
2) blf_key removed with no replacement
==> Comparing symbols in libg2c.so.1
2) __G77_LIBF77_VERSION__ removed with no replacement
2) __G77_LIBI77_VERSION__ removed with no replacement
2) __G77_LIBU77_VERSION__ removed with no replacement
2) g77__ivers__ removed with no replacement
2) g77__uvers__ removed with no replacement
==> Comparing symbols in libhistory.so.4
1) mbrlen reference added to new version of common libraries but is unresolved within common libraries
1) mbrtowc reference added to new version of common libraries but is unresolved within common libraries
2) get_env_value removed with no replacement
2) get_home_dir removed with no replacement
2) set_lines_and_columns removed with no replacement
2) single_quote removed with no replacement
2) unset_nodelay_mode removed with no replacement
==> Comparing symbols in libisc.so.1
1) pselect reference added to new version of common libraries but is unresolved within common libraries
==> Comparing symbols in libm.so.2
2) __arch___ieee754_acos removed with no replacement
2) __arch___ieee754_asin removed with no replacement
2) __arch___ieee754_atan2 removed with no replacement
2) __arch___ieee754_exp removed with no replacement
2) __arch___ieee754_fmod removed with no replacement
2) __arch___ieee754_log removed with no replacement
2) __arch___ieee754_log10 removed with no replacement
2) __arch___ieee754_remainde removed with no replacement
2) __arch___ieee754_scalb removed with no replacement
2) __arch___ieee754_sqrt removed with no replacement
2) __arch_atan removed with no replacement
2) __arch_ceil removed with no replacement
2) __arch_copysign removed with no replacement
2) __arch_cos removed with no replacement
2) __arch_finite removed with no replacement
2) __arch_floor removed with no replacement
2) __arch_ilogb removed with no replacement
2) __arch_logb removed with no replacement
2) __arch_rint removed with no replacement
2) __arch_scalbn removed with no replacement
2) __arch_significand removed with no replacement
2) __arch_sin removed with no replacement
2) __arch_tan removed with no replacement
2) __generic___ieee754_acos removed with no replacement
2) __generic___ieee754_asin removed with no replacement
2) __generic___ieee754_atan2 removed with no replacement
2) __generic___ieee754_exp removed with no replacement
2) __generic___ieee754_fmod removed with no replacement
2) __generic___ieee754_log removed with no replacement
2) __generic___ieee754_log10 removed with no replacement
2) __generic___ieee754_remai removed with no replacement
2) __generic___ieee754_scalb removed with no replacement
2) __generic___ieee754_sqrt removed with no replacement
2) __generic_atan removed with no replacement
2) __generic_ceil removed with no replacement
2) __generic_copysign removed with no replacement
2) __generic_cos removed with no replacement
2) __generic_finite removed with no replacement
2) __generic_floor removed with no replacement
2) __generic_ilogb removed with no replacement
2) __generic_logb removed with no replacement
2) __generic_rint removed with no replacement
2) __generic_scalbn removed with no replacement
2) __generic_significand removed with no replacement
2) __generic_sin removed with no replacement
2) __generic_tan removed with no replacement
2) __get_hw_float removed with no replacement
2) __i387___ieee754_acos removed with no replacement
2) __i387___ieee754_asin removed with no replacement
2) __i387___ieee754_atan2 removed with no replacement
2) __i387___ieee754_exp removed with no replacement
2) __i387___ieee754_fmod removed with no replacement
2) __i387___ieee754_log removed with no replacement
2) __i387___ieee754_log10 removed with no replacement
2) __i387___ieee754_remainde removed with no replacement
2) __i387___ieee754_scalb removed with no replacement
2) __i387___ieee754_sqrt removed with no replacement
2) __i387_atan removed with no replacement
2) __i387_ceil removed with no replacement
2) __i387_copysign removed with no replacement
2) __i387_cos removed with no replacement
2) __i387_finite removed with no replacement
2) __i387_floor removed with no replacement
2) __i387_ilogb removed with no replacement
2) __i387_logb removed with no replacement
2) __i387_rint removed with no replacement
2) __i387_scalbn removed with no replacement
2) __i387_significand removed with no replacement
2) __i387_sin removed with no replacement
2) __i387_tan removed with no replacement
==> Comparing symbols in libncp.so.1
1) _getprogname reference added to new version of common libraries but is unresolved within common libraries
2) sysentoffset removed with no replacement
==> Comparing symbols in libncurses.so.5
2) _nc_background removed with no replacement
2) _nc_lib_traceatr removed with no replacement
2) _nc_lib_tracechr removed with no replacement
2) _nc_lib_tracedmp removed with no replacement
2) _nc_lib_tracemouse removed with no replacement
2) _nc_trace_buf removed with no replacement
2) _nc_trace_tries removed with no replacement
2) _nc_trace_xnames removed with no replacement
2) _nc_tracebits removed with no replacement
==> Comparing symbols in libopie.so.2
1) __xuname reference added to new version of common libraries but is unresolved within common libraries
2) opielogin removed with no replacement
2) opielogwtmp removed with no replacement
==> Comparing symbols in libpcap.so.2
1) __xuname reference added to new version of common libraries but is unresolved within common libraries
2) pcap_lval removed with no replacement
2) yy_create_buffer removed with no replacement
2) yy_delete_buffer removed with no replacement
2) yy_flush_buffer removed with no replacement
2) yy_init_buffer removed with no replacement
2) yy_load_buffer_state removed with no replacement
2) yy_scan_buffer removed with no replacement
2) yy_scan_bytes removed with no replacement
2) yy_scan_string removed with no replacement
2) yy_switch_to_buffer removed with no replacement
2) yychar removed with no replacement
2) yycheck removed with no replacement
2) yydebug removed with no replacement
2) yydefred removed with no replacement
2) yydgoto removed with no replacement
2) yyerrflag removed with no replacement
2) yygindex removed with no replacement
2) yyin removed with no replacement
2) yylen removed with no replacement
2) yyleng removed with no replacement
2) yylex removed with no replacement
2) yylhs removed with no replacement
2) yynerrs removed with no replacement
2) yyout removed with no replacement
2) yyparse removed with no replacement
2) yyrestart removed with no replacement
2) yyrindex removed with no replacement
2) yysindex removed with no replacement
2) yyss removed with no replacement
2) yysslim removed with no replacement
2) yyssp removed with no replacement
2) yystacksize removed with no replacement
2) yytable removed with no replacement
2) yytext removed with no replacement
2) yyval removed with no replacement
2) yyvs removed with no replacement
2) yyvsp removed with no replacement
2) yywrap removed with no replacement
==> Comparing symbols in libreadline.so.4
1) mbrlen reference added to new version of common libraries but is unresolved within common libraries
1) mbrtowc reference added to new version of common libraries but is unresolved within common libraries
2) _rl_defining_kbd_macro removed with no replacement
2) _rl_executing_macro removed with no replacement
2) get_env_value removed with no replacement
2) get_home_dir removed with no replacement
2) possible_control_prefixes removed with no replacement
2) possible_meta_prefixes removed with no replacement
2) saved_line_for_history removed with no replacement
2) screenchars removed with no replacement
2) screenheight removed with no replacement
2) screenwidth removed with no replacement
2) set_lines_and_columns removed with no replacement
2) single_quote removed with no replacement
2) term_DC removed with no replacement
2) term_IC removed with no replacement
2) term_backspace removed with no replacement
2) term_clreol removed with no replacement
2) term_clrpag removed with no replacement
2) term_cr removed with no replacement
2) term_dc removed with no replacement
2) term_ei removed with no replacement
2) term_goto removed with no replacement
2) term_ic removed with no replacement
2) term_im removed with no replacement
2) term_ip removed with no replacement
2) term_pc removed with no replacement
2) term_up removed with no replacement
2) terminal_can_insert removed with no replacement
2) unset_nodelay_mode removed with no replacement
==> Comparing symbols in libssh.so.2
1) ___res reference added to new version of common libraries but is unresolved within common libraries
1) __h_error reference added to new version of common libraries but is unresolved within common libraries
2) auth_input_open_request removed with no replacement
2) debug removed with no replacement
2) debug2 removed with no replacement
2) debug3 removed with no replacement
2) error removed with no replacement
2) fatal removed with no replacement
2) fatal_add_cleanup removed with no replacement
2) fatal_cleanup removed with no replacement
2) fatal_remove_all_cleanups removed with no replacement
2) fatal_remove_cleanup removed with no replacement
2) get_progname removed with no replacement
2) kexdh removed with no replacement
2) kexgex removed with no replacement
4) log removed with no replacement which is not a common library
2) mm_auth2_read_banner removed with no replacement
2) mm_auth_password removed with no replacement
2) mm_auth_rhosts_rsa_key_al removed with no replacement
2) mm_auth_rsa_generate_chal removed with no replacement
2) mm_auth_rsa_key_allowed removed with no replacement
2) mm_auth_rsa_verify_respon removed with no replacement
2) mm_bsdauth_query removed with no replacement
2) mm_bsdauth_respond removed with no replacement
2) mm_choose_dh removed with no replacement
2) mm_getpwnamallow removed with no replacement
2) mm_hostbased_key_allowed removed with no replacement
2) mm_inform_authserv removed with no replacement
2) mm_key_allowed removed with no replacement
2) mm_key_sign removed with no replacement
2) mm_key_verify removed with no replacement
2) mm_newkeys_from_blob removed with no replacement
2) mm_newkeys_to_blob removed with no replacement
2) mm_pam_free_ctx removed with no replacement
2) mm_pam_init_ctx removed with no replacement
2) mm_pam_query removed with no replacement
2) mm_pam_respond removed with no replacement
2) mm_pty_allocate removed with no replacement
2) mm_receive_fd removed with no replacement
2) mm_request_receive removed with no replacement
2) mm_request_receive_expect removed with no replacement
2) mm_request_send removed with no replacement
2) mm_send_fd removed with no replacement
2) mm_send_keystate removed with no replacement
2) mm_session_pty_cleanup2 removed with no replacement
2) mm_ssh1_session_id removed with no replacement
2) mm_ssh1_session_key removed with no replacement
2) mm_start_pam removed with no replacement
2) mm_terminate removed with no replacement
2) mm_user_key_allowed removed with no replacement
2) packet_get_seqnr removed with no replacement
2) packet_set_seqnr removed with no replacement
2) pmonitor removed with no replacement
2) use_privsep removed with no replacement
2) verbose removed with no replacement
==> Comparing symbols in libz.so.2
2) inflate_blocks removed with no replacement
2) inflate_blocks_free removed with no replacement
2) inflate_blocks_new removed with no replacement
2) inflate_blocks_reset removed with no replacement
2) inflate_blocks_sync_point removed with no replacement
2) inflate_codes removed with no replacement
2) inflate_codes_free removed with no replacement
2) inflate_codes_new removed with no replacement
2) inflate_flush removed with no replacement
2) inflate_mask removed with no replacement
2) inflate_set_dictionary removed with no replacement
2) inflate_trees_bits removed with no replacement
2) inflate_trees_dynamic removed with no replacement
2) inflate_trees_fixed removed with no replacement

Explanation of errors:
   1) will cause runtime failures with LD_BIND_NOW
   2), 3) will cause runtime failures if an old binary references the symbol and is run with the new libraries
   4) will cause runtime failures if an old binary references the symbol and is not linked against <newlib>
/tmp/checkcompat.WS4PkkLG


> 
> > The only other one that is noticeable is the private _nc_tracebits
> > symbol (not the topic of this discussion, since applications that use
> > private symbols aren't supported by anyone that I recall).
> > 
> > > A 4.x binary that calls _nc_tracebits() will fail outright when run on
> > > 5.x, but this is a debugging function and not likely to be widely used
> > > in the real world, so that isn't a big deal.
> > 
> > _nc_tracebits is a variable, not a function.  You can't "call" it.
> 
> The linker, curs_trace(3) and <curses.h> beg to differ:
> 
> extern char *_nc_tracebits(void);
> 
> > Also - checking the changelog - _nc_tracebits was not in ncurses 4.2
> > (it was introduced in late 1998).
> 
> We're not talking about ncurses 4.2, as I tried to clarify in my
> previous email.
> 
> Kris


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20040929/251101ee/attachment.bin


More information about the freebsd-current mailing list